<?php
require_once("bin/data.php");
@session_start();

$user = getUser(@$_SESSION['userid']);

$userid = $user['id'];
$title="Record";
$link="";
$header="";
$footer="";

/* Existing Records */

$existing_records="<ul>";
$sql = "SELECT * FROM `$tblrecords` WHERE userid='$userid';";
$result = @mysql_query($sql);
while($row=@mysql_fetch_array($result))
{
	$existing_records= $existing_records."<li>".$row['title']."</li>";
}
$existing_records=$existing_records."</ul>";

/* Entry form followed by existing records (?) */

$content= <<<EOF
<div id="singlelinereply"><a href="signin.php?so=true">Log out</a></div>
<div id="formentry">
<span>New Record:</span>
<form action="record.php" method="post" enctype="multipart/form-data">
<span>Title:</span> <input type="text" name="t" id="t" value="" />
<span>Description:</span> <input type="text" name="d" id="d" value=""  />

<span>File:</span> <input type="file" name="f" id="f" />

<input type="submit" name="pu" id="pu" value="Add" />
</form>
</div>
{$existing_records}
EOF;

/* Handle new records */

if(isset($_POST['pu']))
{
	if (isset($_FILES['f']))
	{
		if (($_FILES['f']['size']<1000001))
		{
			if ($_FILES['f']['size']>0)
			{
				$input_image = $_FILES['f']['tmp_name'];
				list($width_orig, $height_orig, $type) = getimagesize($input_image);
				switch ($type)
				{
				case 1:   //   gif -> jpg
					$original_image = imagecreatefromgif($input_image);
					break;
				case 2:   //   jpeg -> jpg
					$original_image = imagecreatefromjpeg($input_image);
					break;
				case 3:  //   png -> jpg
					$original_image = imagecreatefrompng($input_image);
					break;
				}
				$width=640;
				if ($width>$width_orig)
					$width = $width_orig;
				$ratio_orig = $width_orig/$height_orig;
				$height = $width/$ratio_orig;	
				$image_p = imagecreatetruecolor($width, $height);
				Imagecopyresampled($image_p, $original_image, 0, 0, 0, 0, $width, $height, $width_orig, $height_orig);
				$imgid = substr(md5(uniqid(rand(), true)), 0, 16);
				if (imagepng( $image_p, "barrel/".$imgid.".png"))
				{
					ImageDestroy($image_p);
					ImageDestroy($original_image);					
					unlink($input_image);
				
				//need to update db as well.
				global $tblrecords;
	
				$title = mysql_real_escape_string($_REQUEST['t']);
				$desc = mysql_real_escape_string($_REQUEST['d']);
				$userid = $user['id'];
	
				$sql = "INSERT INTO `$tblrecords` VALUES
					(
					NULL,
					'$userid',
					'$title',
					'',
					CURRENT_TIMESTAMP);";
				$result = mysql_query($sql) or die(mysql_error() );
				if ($result > 0)
				{
					header("Location:record.php");
				}
				}				
			}
		}
	}
}

include("base.php");
echo $html;
?>
